Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Odd Google Chrome banner, what was it?


  • Please log in to reply
2 replies to this topic

#1 shenoute

shenoute

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:08 PM

Posted 15 July 2016 - 10:57 PM

What happened

     About 17 days ago now, while I was searching something on Google, while using Google Chrome, a banner came up on the top of the web page (to clarify, the top of the Google search results, not as part of Chrome). I was, at the time, logged in to my Google account, on my Windows 10 machine. The banner had a blue shield icon in the top left corner, in the center, some text along the lines of "update your account for added security and transparency", and to the right, two blue buttons along the lines of "no thanks" and "tell me more". The banner actually used Google resources, it looked like something made by Google, and not cheap or fake looking at all. If I closed the search, the banner would go away, but would sometimes pop up again. I tried to see if it would pop up on another computer, my Mac, but it never seemed to.

     I was a bit suspicious, and didn't want to click on the links, since they seemed so unprompted. A quick google search provided no information concerning any sort of account update, which made me more suspicious. The closest was a several year old post about adwords or adsense, which I don't use. Though I did try to get Google App Engine running, before I learned I had to pay for it, and backed out part way through the signup process. This also happened a day or two after an update for Kaspersky, during which Windows 10 warned me I was unprotected and that I should turn on Defender.

 

What I did so far

     Worried that my system may have been compromised during the Kaspersky update, I did quite a bit:

  1. Logged out of anything currently logged in (i.e. GMail, Facebook, etc.)
  2. Reinstalled Kapsersky w/ a fresh download from Kaspersky's website, retrieved with a clean PC.
  3. Updated Chrome through Ninite
  4. Ran several full Kaspersky scans from Safe Mode
  5. Ran several scans from Avira Rescue disk
  6. Ran RKill (as iexplorer.exe), TDSSkiller, AdwCleaner, and HitmanPro

     Hitman found some Tracking Cookies. Avira marked some files from the old Voxlap game engine I carried over from my old PC as trojans (though me and a friend discussed it, and it looks like Avira was being jumpy. The files were labeled "gen" trojans or something, apparently what Avira's heuristic detection labels suspected trojans, as a safety measure. Since the file didn't matter to me now, I deleted it while writing this post). Other than those, the scans were clean.

 

Summary

     I think that summarizes what went on. With all the clean scans, it looks like I just jumped the gun. Maybe there was an account update for a regular old google account, with a (by my standards) needlessly vague prompt. There were prompts to update Chrome around then, and around the same time, a new blue shield icon appeared in the google apps toolbar in the Google search. However, the vague wording and lack of info worried me, and I'm worried something may be/have been on my PC, allowing fake popups to appear as part of some sort of phishing scam. Honestly, I just want some piece of mind. If this is bad, I don't want to have to uproot my PC, as depending on what I have to do, I might lose LOTS of data.

 

Thank you for your time, and I hope this is the right sub-forum for this particular situation.



BC AdBot (Login to Remove)

 


#2 spaggutty

spaggutty

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:08 PM

Posted 16 July 2016 - 10:08 AM

http://www.bleepingcomputer.com/forums/t/619999/try-spyhunter-but-this-malware-is-best-trojan-ever/ maaaaaaaaan



#3 buddy215

buddy215

  • Moderator
  • 13,118 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:08 PM

Posted 16 July 2016 - 12:36 PM

If there was a malicious intent involving the banner you would be seeing something similar to ads, misdirects, etc. by now.

Most likely a Google banner.....harmless. If it appears again....post a screen shot of it. The programs you used were sufficient....and since they didn't find anything

....I don't see any further search necessary.

 

I will only suggest you use CCleaner to clean up the cached files in Chrome and other programs.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users